Introduction
This document describes the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack on the Cisco Email Security Appliance (ESA).
Problem
Secure Sockets Layer (SSL) Version 3.0 (RFC-6101) is an obsolete and insecure protocol. While for most practical purposes, it has been replaced by its successors - Transport Layer Security (TLS) Version 1.0 (RFC-2246), TLS Version 1.1 (RFC-4346), and TLS Version 1.2 (RFC-5246) - many TLS implementations remain backwards-compatible with SSL Version 3.0 in order to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server is used. However, even if a client and server both support a version of TLS, the security level offered by SSL Version 3.0 is still relevant since many clients implement a protocol downgrade dance in order to work around server-side interoperability bugs.
Attackers can exploit the downgrade dance and break the cryptographic security of SSL Version 3.0. The POODLE attack allows them, for example, to steal "secure" HTTP cookies (or other bearer tokens such as HTTP Authorization header contents).
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE-2014-3566.
Solution
Here is a list of relevant bugs:
- Cisco bug ID CSCur27131 - SSL Version 3.0 POODLE Attack on the ESA (CVE-2014-3566)
- Cisco bug ID CSCur27153 - SSL Version 3.0 POODLE Attack on the Cisco Security Management Appliance (CVE-2014-3566)
- Cisco bug ID CSCur27189 - SSL Version 3.0 POODLE Attack on the Cisco Web Security Appliance (CVE-2014-3566)
- Cisco bug ID CSCur27340 - SSL Version 3.0 POODLE Attack on the Cisco Ironport Encryption Appliance (CVE-2014-3566)
When the appliance is not in Federal Information Processing Standards (FIPS) mode, SSL Version 3.0 is enabled in the default settings. In FIPS mode, SSL Version 3.0 is disabled by default. In order to check if FIPS mode is enabled, enter:
CLI> fipsconfig
FIPS mode is currently disabled.
When FIPS mode is disabled, check if SSL Version 3.0 is enabled in the sslconfig settings. When sslv3 is listed as the method, SSL Version 3.0 is enabled. Change this to TLS Version 1 in order to disable SSL Version 3.0.
CLI> sslconfig
sslconfig settings:
GUI HTTPS method: sslv3tlsv1
GUI HTTPS ciphers: <cipher list>
Inbound SMTP method: sslv3tlsv1
Inbound SMTP ciphers: <cipher list>
Outbound SMTP method: sslv3tlsv1
Outbound SMTP ciphers: <cipher list>
example.com> sslconfig
sslconfig settings:
GUI HTTPS method: sslv3tlsv1
GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL
Inbound SMTP method: sslv3tlsv1
Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Outbound SMTP method: sslv3tlsv1
Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]> GUI
Enter the GUI HTTPS ssl method you want to use.
1. SSL v2.
2. SSL v3
3. TLS v1
4. SSL v2 and v3
5. SSL v3 and TLS v1
6. SSL v2, v3 and TLS v1
[5]> 3
Enter the GUI HTTPS ssl cipher you want to use.
[RC4-SHA:RC4-MD5:ALL]>
sslconfig settings:
GUI HTTPS method: tlsv1
GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL
Inbound SMTP method: sslv3tlsv1
Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Outbound SMTP method: sslv3tlsv1
Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]> INBOUND
Enter the inbound SMTP ssl method you want to use.
1. SSL v2.
2. SSL v3
3. TLS v1
4. SSL v2 and v3
5. SSL v3 and TLS v1
6. SSL v2, v3 and TLS v1
[5]> 3
Enter the inbound SMTP ssl cipher you want to use.
[RC4-SHA:RC4-MD5:ALL]>
sslconfig settings:
GUI HTTPS method: tlsv1
GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL
Inbound SMTP method: tlsv1
Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Outbound SMTP method: sslv3tlsv1
Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]> OUTBOUND
Enter the outbound SMTP ssl method you want to use.
1. SSL v2.
2. SSL v3
3. TLS v1
4. SSL v2 and v3
5. SSL v3 and TLS v1
6. SSL v2, v3 and TLS v1
[5]> 3
Enter the outbound SMTP ssl cipher you want to use.
[RC4-SHA:RC4-MD5:ALL]>
sslconfig settings:
GUI HTTPS method: tlsv1
GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL
Inbound SMTP method: tlsv1
Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Outbound SMTP method: tlsv1
Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]>
example.com> commit
Please enter some comments describing your changes:
[]> remove SSLv3 from the GUI HTTPS method/Inbound SMTP method/Outbound SMTP method
Do you want to save the current configuration for rollback? [Y]>
Changes committed: Thu Oct 16 07:41:10 2014 GMT
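The check described above can be automated against a saved CLI session. The following Python is an added example, not Cisco code: it reads the last "sslconfig settings:" block of a transcript, lists the services whose method still contains sslv3, and reports whether a commit followed that final block. The sample session is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample session, shaped like the transcript on this page.
SAMPLE_SESSION = """\
example.com> sslconfig
sslconfig settings:
GUI HTTPS method: sslv3tlsv1
Inbound SMTP method: sslv3tlsv1
Outbound SMTP method: sslv3tlsv1
[]> GUI
[5]> 3
sslconfig settings:
GUI HTTPS method: tlsv1
GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL
Inbound SMTP method: sslv3tlsv1
Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
Outbound SMTP method: tlsv1
Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL
[]>
example.com> commit
Changes committed: Thu Oct 16 07:41:10 2014 GMT
"""

SERVICES = ("GUI HTTPS", "Inbound SMTP", "Outbound SMTP")
BLOCK_MARKER = "sslconfig settings:"
METHOD_LINE = re.compile(r"^\s*(%s) method:\s*(\S+)\s*$" % "|".join(SERVICES))


def final_methods(transcript):
    """Return {service: method} from the last settings block in the transcript."""
    start = transcript.rfind(BLOCK_MARKER)
    if start < 0:
        raise ValueError("no 'sslconfig settings:' block found")
    methods = {}
    for line in transcript[start:].splitlines():
        match = METHOD_LINE.match(line)
        if match:
            methods[match.group(1)] = match.group(2).lower()
    missing = [s for s in SERVICES if s not in methods]
    if missing:
        raise ValueError("final block lacks a method line for: %s" % ", ".join(missing))
    return methods


def audit(transcript):
    """Report services still offering SSLv3 and whether the final state was committed."""
    methods = final_methods(transcript)
    tail = transcript[transcript.rfind(BLOCK_MARKER):]
    return {
        "sslv3_enabled": [s for s in SERVICES if "sslv3" in methods[s]],
        "committed": "Changes committed:" in tail,
    }
```

A result with an empty sslv3_enabled list and committed set to True corresponds to the end state of the session shown above; a settings block that appears after the last commit is reported as uncommitted.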